In the e-mail server Exim 4.80.1 fixed a critical vulnerability

Posted: October 27, 2012 in Security Notices, Vulnerability News
Tags: , , , ,


e-mail server Exim

Developers of the Exim mail server reported that all versions from 4.70 and 4.80 inclusive ending, found a vulnerability that may allow a remote attacker theoretically get full access to the system is running Exim.

The vulnerability is manifested in the subsystem configurations DKIM, which is enabled by default, and is present in most assemblies Exim in different distributions.

Error is found in the code with the implementation of an authentication protocol authentication e-mail messages DKIM (DomainKeys Identified Mail) and is manifested by the lack of sufficient test data returned by the remote DNS-server, which allows the execution of arbitrary code when decoding specially decorated DNS-response. To exploit the vulnerability to send email from the domain that is serviced controlled attackers DNS-server, and the server’s request to return the victim’s specially modified DNS-response.

To correct the security breach was released unscheduled corrective release Exim 4.80.1, which is different from the version 4.80 patch just above vulnerability. Currently, the preparation is a significant release 4.82, which was decided not to release too soon, as it is not yet fully tested. A bug was found during an internal audit component code Exim, responsible for signing and verifying DKIM records.

To work around this problem without rebuilding and renewal applications in Section cl_smtp_connect acl_smtp_rcpt or a configuration file, you can add the line “warn control = dkim_disable_verify”. Updates to fix, currently only available for Debian, Ubuntu and FreeBSD. The exit status of fixes for other systems can be traced to the following pages: Gentoo, Mandriva, openSUSE, CentOS, Fedora, RHEL.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s